DCPcrypt v2.0.6 — Cryptographic Component Library for Free Pascal/Lazarus

[ndxdev]

DCPcrypt v2.0.6 — Cryptographic Component Library for Free Pascal/Lazarus (MIT, pure Pascal, cross-platform)

Hey everyone,

I’m releasing DCPcrypt v2.0.6, a maintained continuation of David Barton’s original Delphi cryptographic library, fully ported to Lazarus/FPC and actively developed with new examples, tests, and documentation.

◈ What’s inside

• 20 cipher algorithms — Rijndael (AES), Blowfish, Twofish, Serpent, DES, 3DES, RC4, RC5, RC6, MARS, IDEA, Cast128, Cast256, Misty1, ICE, TEA, GOST…
• 10 hash algorithms — SHA-1, SHA-256, SHA-384, SHA-512, MD5, RIPEMD-128, RIPEMD-160, Tiger, HAVAL, MD4
• 6 block cipher modes — ECB, CBC, CFB8bit, CFBblock, OFB, CTR
• Stream encryption with Salt + IV + progress callbacks
• Base64 encoding/decoding
• Pure Pascal — no external C libraries, no DLLs
• Cross-platform — Linux, Windows, macOS

◈ Design philosophy

All ciphers derive from TDCP_cipher and all hashes from TDCP_hash. Algorithms are easily swappable with minimal code changes. InitStr accepts a passphrase and any hash class for key derivation, so moving from Rijndael+SHA256 to Twofish+SHA512 is typically a one-line change.

◈ Highlights (since the Lazarus port work)

• GUI examples ported from Delphi VCL to Lazarus LCL
– String encryption/decryption
– Threaded file encryption with progress bar

• Console demo programs
– String encryption (Salt + IV)
– File encryption with progress callback
– Large file hashing (>5 GB) with real-time progress, MB/s speed display, and elapsed time

• 282 automated functional tests covering hashes, ciphers, block modes, Base64, and stream encryption

• Makefile for command-line builds (tests, examples, full builds)

• GitHub Actions CI/CD pipeline building and testing on Linux, Windows, and macOS

• Full project documentation (README, building guide, contributing guide, API notes)

• Detailed comments across all source units

• Improved FPC compatibility
– Removed need for the -Mdelphi compiler flag
– Examples now use ObjFPC mode
– Added missing mode directives to core units

◈ Links

GitHub: https://github.com/NDXDeveloper/dcpcrypt-lazarus
Release: https://github.com/NDXDeveloper/dcpcrypt-lazarus/releases/tag/v2.0.6
Docs: https://github.com/NDXDeveloper/dcpcrypt-lazarus/tree/main/docs

MIT licensed. Works with FPC 3.2.0+ and Lazarus 2.0+.

Feedback, testing, and contributions are very welcome!

[cdbc]

Hi
Cool  Thanks mate -- Good on you =^
Regards Benny

[Okoba]

Thank you!

[dsiders]

You may want to email the OPM maintainer if you're becoming the defacto maintainer for the package. Because the 2.0.4.2 version on OPM still lists http://www.cityinthesky.co.uk/opensource/dcpcrypt/ as the home page, and does not indicate that it supports QT or macOS widgetsets.

[JD]

Wonderful. Thanks a million for your good work.

JD 

[valdir.marcos]

Thanks.

[Ten_Mile_Hike]

Code: Text  [Select][+][-]

1. Thanks!!!
2. I have a question for all those much more experienced than me.
3.  
4. Whenever I read articles on encryption for beginners many of them warn not
5. to use MD5 as it is compromised (or breakable or some such synonym.)
6.  
7. "IF" that is true, why is it included in DCPcrypt (unless it is for backwards compatibility).
8. If it is only for compatibility shouldn't it be for decryption only so as to prevent its use?
9.  
10. AGAIN... I am not making any accusations against MD5 or DCPcrypt here; these are
11. legitimate questions by a true novice simply looking for understanding.
12.  
13. Thank You...
14.  

[marcov]

Because it is not just for cryptography, but also to check integrity of large data blocks.

If tampering is not a real danger, it is quite fast.

[Okoba]

@Ten_Mile_Hike as marcov said, some hashes are safe for cryptography purposes like SHA256 and some are not like CRC32 and MD5. They have their own use cases in other fields, although some are going distinct like MD5. But it is nice to have them in such a library.

[Thaddy]

Although MD5 was once designed as a secure hash and lost its purpose as a secure hash, it is still a good generic hash with good compute - quite fast - and good - few if any - collision properties. That is why it is often used but nowadays in a different setting.

And CRC32 is an error correcting hash, never meant as secure. To the contrary, designed to restore errors by storing partial knowledge of the underlying data.